package com.nbsaas.boot.controller;

import com.nbsaas.boot.entity.User;
import com.nbsaas.boot.service.UserService;
import lombok.Data;
import lombok.RequiredArgsConstructor;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;

@RestController
@RequestMapping("/api/auth")
@RequiredArgsConstructor
public class AuthController {
    
    private final UserService userService;

    @PostMapping("/register")
    public ResponseEntity<?> register(@RequestBody RegisterRequest request) {
        try {
            if (userService.existsByUsername(request.getUsername())) {
                return ResponseEntity.badRequest().body(new ErrorResponse("用户名已存在"));
            }
            if (userService.existsByEmail(request.getEmail())) {
                return ResponseEntity.badRequest().body(new ErrorResponse("邮箱已被注册"));
            }
            
            User user = new User();
            user.setUsername(request.getUsername());
            user.setEmail(request.getEmail());
            user.setPassword(request.getPassword());
            
            userService.register(user);
            return ResponseEntity.ok(new AuthResponse("注册成功"));
        } catch (Exception e) {
            return ResponseEntity.badRequest().body(new ErrorResponse(e.getMessage()));
        }
    }

    @PostMapping("/login")
    public ResponseEntity<?> login(@RequestBody LoginRequest request) {
        try {
            Subject subject = SecurityUtils.getSubject();
            UsernamePasswordToken token = new UsernamePasswordToken(request.getUsername(), request.getPassword());
            subject.login(token);
            
            User user = userService.findByUsername(request.getUsername());
            return ResponseEntity.ok(new AuthResponse(user));
        } catch (Exception e) {
            return ResponseEntity.badRequest().body(new ErrorResponse("用户名或密码错误"));
        }
    }

    @PostMapping("/logout")
    public ResponseEntity<?> logout() {
        try {
            Subject subject = SecurityUtils.getSubject();
            subject.logout();
            return ResponseEntity.ok(new AuthResponse("登出成功"));
        } catch (Exception e) {
            return ResponseEntity.badRequest().body(new ErrorResponse(e.getMessage()));
        }
    }

    @Data
    static class RegisterRequest {
        private String username;
        private String email;
        private String password;
    }

    @Data
    static class LoginRequest {
        private String username;
        private String password;
    }

    @Data
    static class AuthResponse {
        private String message;
        private User user;

        public AuthResponse(String message) {
            this.message = message;
        }

        public AuthResponse(User user) {
            this.user = user;
        }
    }

    @Data
    static class ErrorResponse {
        private final String message;
    }
} 